What ports or best method can be used to block the audits or inquiries from the product? For instance, I would like to locate a port it uses to communicate it's inquiries of somone's network. I don't have any white papers or technical documents that discusses this.
You can use a sniffer to find what ports it uses. If you don't have a sniffer, you can use a router, put an access-list on it (eg permit tcp host x.x.x. any log and permit udp host x.x.x.x any log - don't use IP as it won't list ports in the log) and see what ports it uses. Once you know the ports, create an acl to block what you don't like.
Unfortunately, this would allow the information to be accessed before blocking. Hopefully, I can find something more proactive to block. I will check one of the updated port lists to see if this product has it's own port number(s).
If you know of anyone already using this product, ask if I can contact them. I will be calling tech/sales support shortly once they are open for business.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...